Skip to content

Login ID Type

Login ID Type lets you decide whether people sign in with username, email, or either. Restricted modes update login field labels and reject the wrong format with one instructional message - without revealing whether a specific account exists.

  • Offers three modes: Username & Email, Username Only, Email Only.
  • In restricted modes, enforces the chosen identifier on the authenticate pipeline (including WooCommerce login forms).
  • Relabels the login field on wp-login.php and WooCommerce My Account.
  • Replaces credential-failure copy with a single instructional message (unless Generic Login Error Message is also enabled - that module then owns the text).
  • Does not change registration or password reset.

In Username & Email mode the module does not alter native WordPress login behavior (no extra enforcement hooks).

  • Policy requires email-only or username-only sign-in.
  • You want clearer labels that match how customers actually log in.
  • You’re reducing accidental email/username mix-ups on membership or shop sites.

Open the module’s advanced settings (gear icon):

Mode Key value Behavior
Username & Email username_email Default WordPress behavior. No enforcement hooks.
Username Only username_only Email-shaped input is rejected; label becomes “Username”.
Email Only email_only Non-email input is rejected; label becomes “Email address”.

Setting key: login_id_type.

  1. Go to WP PowerSuite -> Modules.
  2. Filter by Login & Users or search for “Login ID Type”.
  3. Turn the module on.
  4. Open settings, choose a mode, and save.

Email Only

  1. Set mode to Email Only and save.
  2. On wp-login.php, confirm the field label is Email address.
  3. Try logging in with a username (not an email). ✅ You get an instructional error: Use your email address to log in.
  4. Log in with a valid email + password - should succeed.

Username Only - same idea with username vs email swapped.

  • Wrong format still accepted. Confirm the module is on and mode is not Username & Email. Clear caches; retry on a private window.
  • Labels didn’t change. Theme/plugin may hardcode labels outside gettext / login_form_defaults. Enforcement can still apply on submit.
  • Odd error text with Generic Login Error Message. Expected overlap - turn one of the two off for restricted modes.
  • Social login still works. Google Sign-in and similar OAuth flows are separate from username/password ID rules.
What login ID modes are available?

Three modes: Username & Email (default WordPress behavior), Username Only, and Email Only.

Does Login ID Type change registration or password reset?

No. It only affects how users authenticate on login. Registration and password reset are unchanged.

Should I use it with Generic Login Error Message?

Avoid combining Generic Login Error Message with Username Only or Email Only. Enforcement still applies, but error text is owned by that module-use one restricted approach for predictable messaging.

Does it work with WooCommerce login?

Yes. Labels and enforcement apply on WooCommerce My Account login as well as wp-login.php.

Developer notes (hooks & filters)

Source: modules/login-id-type/module.php (settings: modules/login-id-type/admin.php). Boot: critical.

  • Modes: username_email | username_only | email_only (legacy both -> username_email).
  • When mode is username_email, registerHooks() returns early (no auth filters).
  • Restricted modes: authenticate at priority 5 (enforceLoginIdType), then wraps default username/email authenticators at priority 20.
  • Labels: login_form_defaults, gettext (core + WooCommerce strings).
  • Credential message ownership yields to custom-login-error-messages when that module is enabled.
  • AJAX 2FA login path can use wp_powersuite_ajax_login_generic_message.